Experts struggle to fix NHS cyber-hack

Cyber security experts rushed to restore systems on Saturday after an unprecedented global wave of cyberattacks that struck targets ranging from Russia's banks to British hospitals and a French carmaker's factories.

Health workers reported being locked out of their systems and seeing messages demanding ransom payments to regain access.

All told, several cybersecurity firms said they had identified the malicious software responsible for tens of thousands of attacks in more than 60 countries, including the United States, though its effects in the US did not appear to be widespread, at least in the initial hours.

Asian countries reported no major breaches on Saturday, but officials in the region were scrambling to check and the full extent of the damage may not be known for some time. Why is it certain regions are affected more than others?

The UK's National Health Service fell victim, its hospitals forced to close wards and emergency rooms and turn away patients.

Russia's Interior Ministry released a statement acknowledging a ransomware attack on its computers, adding that less than 1% of computers were affected, and that the virus is now "localized".

Telecommunications company Telefonica was among many targets in Spain.

State agencies and major companies around the world were left reeling by the attacks which blocked access to files and demanded ransom money, forcing them to shut down their computer systems.

Microsoft has released software patches for the security holes, although not everyone has installed those updates.

Mikko Hypponen, chief research officer at the Helsinki-based cybersecurity company F-Secure, called the attack "the biggest ransomware outbreak in history".

The security holes it exploits were disclosed several weeks ago by TheShadowBrokers, a mysterious group that has published what it says are hacking tools used by the NSA as part of its intelligence-gathering.

In December it was reported almost all NHS trusts were using an obsolete version of Windows that Microsoft had stopped providing security updates for in April 2014.

Finance chiefs from the Group of Seven rich countries will commit on Saturday to join forces to fight the growing threat of global cyber attacks, according to a draft statement of a meeting they are holding in Italy.

WannaCry is not just a ransomware program, it's also a worm.

French carmaker Renault has also been affected.

"Once it gets in and starts moving across the infrastructure, there is no way to stop it", said Adam Meyers, a researcher with cyber security firm CrowdStrike.

But those attacks - blamed on Russian Federation, which has repeatedly denied them - followed a different modus operandi involving penetrating the accounts of individuals and political organizations and then releasing hacked material online.

The ransomware's progress has been halted by the accidental discovery late Friday of a "kill switch" hidden within the code by a security researcher, said cybersecurity consultant David Kennedy, formerly of the US National Security Agency. The update I've got this morning is that we're very much into recovery phase now, with a lot of work going on to get systems back up running.